Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
P
P
Pianista2016-09-12 01:06:30
Nginx
Pianista, 2016-09-12 01:06:30

Rails + Devise + omniauth(Vk,Fb) - authorization problem. How to decide?

In a rails 5.0 application on a server with NGINX+UNICORN authorization via social networks does not work (I use Devise).
Everything works on the local machine, but it doesn’t work on the VPS, only sometimes it works through Facebook, but very rarely.
In the logs it gives:
unicorn:

2016-09-11_21:34:06.60859 [546a5628-0a6f-4770-9916-5c0eec38594f] Started GET "/users/auth/vkontakte" for 91.79.61.108 at 2016-09-11 17:34:06 -0400
2016-09-11_21:34:06.60863 I, [2016-09-11T17:34:06.603042 #897]  INFO -- omniauth: (vkontakte) Request phase initiated.
2016-09-11_21:34:06.67562 [16e3d757-dad8-49ee-b8a1-f48a719e1a25] Started GET "/users/auth/vkontakte" for 91.59.631.158 at 2016-09-11 17:34:06 -0400
2016-09-11_21:34:06.67619 I, [2016-09-11T17:34:06.676144 #892]  INFO -- omniauth: (vkontakte) Request phase initiated.
2016-09-11_21:34:07.77929 [ede375c2-e638-4d41-b587-c7947b2584fe] Started GET "/users/auth/vkontakte/callback?code= 9385b211038a291ec16&state= ac4c9f6378926c73b4f2468d7e5085b9fc46b5de3a904c29f" for 91.59.631.158 at 2016-09-11 17:34:07 -0400
2016-09-11_21:34:07.77992 I, [2016-09-11T17:34:07.779876 #892]  INFO -- omniauth: (vkontakte) Callback phase initiated.
2016-09-11_21:34:35.70664 [ede375c2-e638-4d41-b587-c7947b2584fe] Processing by Users::OmniauthCallbacksController#vkontakte as HTML
2016-09-11_21:34:35.70673 [ede375c2-e638-4d41-b587-c7947b2584fe]   Parameters: {"code"=>"9385b211038a291ec16", "state"=>"ac4c9f6378926c73b4f2468d7e5085b9fc46b5de3a904c29f"}
2016-09-11_21:34:35.70889 [ede375c2-e638-4d41-b587-c7947b2584fe]   ^[[1m^[[36mUser Load (0.7ms)^[[0m  ^[[1m^[[34mSELECT  "users".* FROM "users" WHERE "users"."provider" = $1 AND "users"."uid" = $2 ORDER BY "users"."id" ASC LIMIT $3^[[0m  [["provider", "vkontakte"], ["uid", "265290380"], ["LIMIT", 1]]
2016-09-11_21:34:38.61184 E, [2016-09-11T17:34:38.611629 #357] ERROR -- : worker=0 PID:892 timeout (31s > 30s), killing
2016-09-11_21:34:38.61961 E, [2016-09-11T17:34:38.619257 #357] ERROR -- : reaped #<Process::Status: pid 892 SIGKILL (signal 9)> worker=0
2016-09-11_21:34:38.62657 [47cab0fb-7d5a-4c5f-87bb-a2142d278b7d] Started GET "/50x.html" for 91.79.61.108 at 2016-09-11 17:34:38 -0400

nginx error:
2016/09/11 17:34:38 [error] 770#0: *35 upstream prematurely closed connection while reading response header from upstream, client: 91.59.631.158, server: localhost, request: "GET /users/auth/vkontakte/callback?code=9385b211038a291ec16&state=ac4c9f6378926c73b4f2468d7e5085b9fc46b5de3a904c29f HTTP/1.1", upstream: "http://unix:/var/www/myapp/current/tmp/sockets/unicorn.sock:/users/auth/vkontakte/callback?code= 9385b211038a291ec16&state= ac4c9f6378926c73b4f2468d7e5085b9fc46b5de3a904c29f", host: "myapp.com", referrer: "http://myapp.com/users/auth/vkontakte"

I suspect that the problem is either in the unicorn candy or in NGINX
my unicorn.rb
APP_PATH = File.expand_path('../../', __FILE__)

working_directory APP_PATH
listen            APP_PATH + '/tmp/sockets/unicorn.sock'
worker_processes  2
timeout           30
preload_app       true

before_exec do |server|
  ENV['BUNDLE_GEMFILE'] = APP_PATH + '/Gemfile'
end

before_fork do |server, worker|
  ActiveRecord::Base.connection.disconnect! if defined?(ActiveRecord::Base)
end

after_fork do |server, worker|
  ActiveRecord::Base.establish_connection if defined?(ActiveRecord::Base)
end

I read somewhere that similar problems arise if the proxy in nginx is not configured correctly, but everything seems to be correct for me.
Here is my nginx config:
upstream myapp_unicorn {
server unix:/var/www/myapp/current/tmp/sockets/unicorn.sock fail_timeout=0;
}
server {
 server_name localhost;
 listen 80;
 client_max_body_size 100m;
 root       /var/www/myapp/current/public;
 error_log  /var/log/nginx/myapp_error.log;
 access_log /var/log/nginx/myapp_access.log;
 error_page 404             /404.html;
 error_page 500 502 503 504 /50x.html;
 location /assets {
  access_log off;
 }
 location / {
  try_files $uri @myapp;
 }
 location @myapp {
  proxy_pass http://myapp_unicorn;
  proxy_set_header Host $http_host;
  proxy_set_header Referer $http_referer;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-Proto $scheme;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_redirect off;
 }
}

I googled everything I could, but I couldn't find a solution. Maybe someone will tell you something?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

[[+comments_count]] answer(s)
Report
P
Pianista, 2016-09-12
@Pianista

To be honest, I completely understood what it solves, but now everything works. The problem was in ipv6, disabling everything immediately worked.
In the file /etc/sysctl.conf

#disable ipv6 
net.ipv6.conf.all.disable_ipv6 = 1 
net.ipv6.conf.default.disable_ipv6 = 1 
net.ipv6.conf.lo.disable_ipv6 = 1

a solution was found here
https://github.com/mkdynamic/omniauth-facebook/iss...
Perhaps this is not the best way to disable ipv6?

Similar questions
A
Abc Edc2015-04-07 20:48:01
How to make image stretching with scaling? 3Reply
@
@atambalasi2016-02-23 18:45:18
Is there a way to check the image size before uploading to the server? 3Reply
P
paramin2021-10-07 14:03:46
How to open cors for 1 file on NGINX? 1Reply
R
ronny2021-10-08 16:04:16
Why don't two limit_reqs work in different locations? 1Reply
M
Mikhailo Poberezhny2016-02-27 02:19:49
How to redirect routes in nginx? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question